diff options
Diffstat (limited to 'sshkey.c')
| -rw-r--r-- | sshkey.c | 44 |
1 files changed, 26 insertions, 18 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: sshkey.c,v 1.31 2015/12/11 04:21:12 mmcc Exp $ */ | 1 | /* $OpenBSD: sshkey.c,v 1.35 2016/06/19 07:48:02 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. | 4 | * Copyright (c) 2008 Alexander von Gernler. All rights reserved. |
| @@ -1967,7 +1967,8 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
| 1967 | #ifdef DEBUG_PK /* XXX */ | 1967 | #ifdef DEBUG_PK /* XXX */ |
| 1968 | sshbuf_dump(b, stderr); | 1968 | sshbuf_dump(b, stderr); |
| 1969 | #endif | 1969 | #endif |
| 1970 | *keyp = NULL; | 1970 | if (keyp != NULL) |
| 1971 | *keyp = NULL; | ||
| 1971 | if ((copy = sshbuf_fromb(b)) == NULL) { | 1972 | if ((copy = sshbuf_fromb(b)) == NULL) { |
| 1972 | ret = SSH_ERR_ALLOC_FAIL; | 1973 | ret = SSH_ERR_ALLOC_FAIL; |
| 1973 | goto out; | 1974 | goto out; |
| @@ -2122,8 +2123,10 @@ sshkey_from_blob_internal(struct sshbuf *b, struct sshkey **keyp, | |||
| 2122 | goto out; | 2123 | goto out; |
| 2123 | } | 2124 | } |
| 2124 | ret = 0; | 2125 | ret = 0; |
| 2125 | *keyp = key; | 2126 | if (keyp != NULL) { |
| 2126 | key = NULL; | 2127 | *keyp = key; |
| 2128 | key = NULL; | ||
| 2129 | } | ||
| 2127 | out: | 2130 | out: |
| 2128 | sshbuf_free(copy); | 2131 | sshbuf_free(copy); |
| 2129 | sshkey_free(key); | 2132 | sshkey_free(key); |
| @@ -2368,7 +2371,7 @@ sshkey_drop_cert(struct sshkey *k) | |||
| 2368 | 2371 | ||
| 2369 | /* Sign a certified key, (re-)generating the signed certblob. */ | 2372 | /* Sign a certified key, (re-)generating the signed certblob. */ |
| 2370 | int | 2373 | int |
| 2371 | sshkey_certify(struct sshkey *k, struct sshkey *ca) | 2374 | sshkey_certify(struct sshkey *k, struct sshkey *ca, const char *alg) |
| 2372 | { | 2375 | { |
| 2373 | struct sshbuf *principals = NULL; | 2376 | struct sshbuf *principals = NULL; |
| 2374 | u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; | 2377 | u_char *ca_blob = NULL, *sig_blob = NULL, nonce[32]; |
| @@ -2458,7 +2461,7 @@ sshkey_certify(struct sshkey *k, struct sshkey *ca) | |||
| 2458 | 2461 | ||
| 2459 | /* Sign the whole mess */ | 2462 | /* Sign the whole mess */ |
| 2460 | if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), | 2463 | if ((ret = sshkey_sign(ca, &sig_blob, &sig_len, sshbuf_ptr(cert), |
| 2461 | sshbuf_len(cert), NULL, 0)) != 0) | 2464 | sshbuf_len(cert), alg, 0)) != 0) |
| 2462 | goto out; | 2465 | goto out; |
| 2463 | 2466 | ||
| 2464 | /* Append signature and we are done */ | 2467 | /* Append signature and we are done */ |
| @@ -3632,12 +3635,10 @@ sshkey_parse_public_rsa1_fileblob(struct sshbuf *blob, | |||
| 3632 | /* The encrypted private part is not parsed by this function. */ | 3635 | /* The encrypted private part is not parsed by this function. */ |
| 3633 | 3636 | ||
| 3634 | r = 0; | 3637 | r = 0; |
| 3635 | if (keyp != NULL) | 3638 | if (keyp != NULL) { |
| 3636 | *keyp = pub; | 3639 | *keyp = pub; |
| 3637 | else | 3640 | pub = NULL; |
| 3638 | sshkey_free(pub); | 3641 | } |
| 3639 | pub = NULL; | ||
| 3640 | |||
| 3641 | out: | 3642 | out: |
| 3642 | sshbuf_free(copy); | 3643 | sshbuf_free(copy); |
| 3643 | sshkey_free(pub); | 3644 | sshkey_free(pub); |
| @@ -3658,7 +3659,8 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
| 3658 | const struct sshcipher *cipher; | 3659 | const struct sshcipher *cipher; |
| 3659 | struct sshkey *prv = NULL; | 3660 | struct sshkey *prv = NULL; |
| 3660 | 3661 | ||
| 3661 | *keyp = NULL; | 3662 | if (keyp != NULL) |
| 3663 | *keyp = NULL; | ||
| 3662 | if (commentp != NULL) | 3664 | if (commentp != NULL) |
| 3663 | *commentp = NULL; | 3665 | *commentp = NULL; |
| 3664 | 3666 | ||
| @@ -3744,8 +3746,10 @@ sshkey_parse_private_rsa1(struct sshbuf *blob, const char *passphrase, | |||
| 3744 | goto out; | 3746 | goto out; |
| 3745 | } | 3747 | } |
| 3746 | r = 0; | 3748 | r = 0; |
| 3747 | *keyp = prv; | 3749 | if (keyp != NULL) { |
| 3748 | prv = NULL; | 3750 | *keyp = prv; |
| 3751 | prv = NULL; | ||
| 3752 | } | ||
| 3749 | if (commentp != NULL) { | 3753 | if (commentp != NULL) { |
| 3750 | *commentp = comment; | 3754 | *commentp = comment; |
| 3751 | comment = NULL; | 3755 | comment = NULL; |
| @@ -3770,7 +3774,8 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
| 3770 | BIO *bio = NULL; | 3774 | BIO *bio = NULL; |
| 3771 | int r; | 3775 | int r; |
| 3772 | 3776 | ||
| 3773 | *keyp = NULL; | 3777 | if (keyp != NULL) |
| 3778 | *keyp = NULL; | ||
| 3774 | 3779 | ||
| 3775 | if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) | 3780 | if ((bio = BIO_new(BIO_s_mem())) == NULL || sshbuf_len(blob) > INT_MAX) |
| 3776 | return SSH_ERR_ALLOC_FAIL; | 3781 | return SSH_ERR_ALLOC_FAIL; |
| @@ -3839,8 +3844,10 @@ sshkey_parse_private_pem_fileblob(struct sshbuf *blob, int type, | |||
| 3839 | goto out; | 3844 | goto out; |
| 3840 | } | 3845 | } |
| 3841 | r = 0; | 3846 | r = 0; |
| 3842 | *keyp = prv; | 3847 | if (keyp != NULL) { |
| 3843 | prv = NULL; | 3848 | *keyp = prv; |
| 3849 | prv = NULL; | ||
| 3850 | } | ||
| 3844 | out: | 3851 | out: |
| 3845 | BIO_free(bio); | 3852 | BIO_free(bio); |
| 3846 | if (pk != NULL) | 3853 | if (pk != NULL) |
| @@ -3854,7 +3861,8 @@ int | |||
| 3854 | sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, | 3861 | sshkey_parse_private_fileblob_type(struct sshbuf *blob, int type, |
| 3855 | const char *passphrase, struct sshkey **keyp, char **commentp) | 3862 | const char *passphrase, struct sshkey **keyp, char **commentp) |
| 3856 | { | 3863 | { |
| 3857 | *keyp = NULL; | 3864 | if (keyp != NULL) |
| 3865 | *keyp = NULL; | ||
| 3858 | if (commentp != NULL) | 3866 | if (commentp != NULL) |
| 3859 | *commentp = NULL; | 3867 | *commentp = NULL; |
| 3860 | 3868 | ||